Computer security firm SecurityFocus said it is not the author of an e-mail and file attachment claiming to be a fix for the recent Nimda worm.
In a warning posted to the company's "Incidents" mailing list yesterday, the San Mateo, California-based company said it believes the attachment could be a Trojan horse program that could damage users' systems if opened.
SecurityFocus said the e-mail claims to come from it as well as from Cupertino, California-based antivirus firm TrendMicro Inc.
"The messages come with an executable attachment named FIX_NIMDA.exe," SecurityFocus said in the warning. "Do not run this attachment. These messages do not come from us or TrendMicro, as a quick check of the headers will reveal. Common sense and best practices indicate that you should not execute any code that come[s] via e-mail unless you authenticate the source of the message."
The Nimda worm -- reports of which first began flooding into mailing lists and security firms two weeks ago -- is a mass-mailed piece of malicious code that infects systems running Microsoft's Windows 95, 98, ME, NT and 2000.
Unlike other worms and viruses, Nimda is capable of spreading via both network-based e-mail and Web browsers. It was also written to scan for and exploit back doors left behind by previous viruses such as Code Red and Sadmind.